[SECURITY] [DLA 4164-1] libeconf security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4164-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
May 12, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : libeconf
Version : 0.3.8-1+deb11u1
CVE ID : CVE-2023-22652
Debian Bug : 1037333
It was discovered that there was a potential buffer overflow
vulnerability in libeconf, a configuration file parser. This could
have been exploited via malicously-crafted configuration files.
For Debian 11 bullseye, this problem has been fixed in version
0.3.8-1+deb11u1.
We recommend that you upgrade your libeconf packages.
For the detailed security status of libeconf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libeconf
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmgiagQACgkQHpU+J9Qx
Hlg70g//SDpSg5dUE4izSXTNOhIAlFerSiBlgNW6HQcUHIFaAGewFqBkF9etjNKK
sSab0nOZK+/YJ/hJtlreE/kFD3VLSVRiA2v3vVndOQ1V12YaEwWPzzkL9Rdzk6VN
DOP6L0BimOsS8lfA5sw4nbgvAAew/oITLpCVkfM44zSLY+ztoUsBnnyTriUFVh6x
dtlMvBn4SJ+e4zGYoShCLvAbYgOtnyZFAES9w+jmyI2ev4+9QhbwTh1kHbiqUqf/
eBwGMPz6rlFASg1x5iE5o9SjVfikvO3BiFXmmNMuANC+Io3ec7o9frlTwDKDTGO/
nLzfe1LaJdgM7FnOzvP9ZUYQ7OLj8XOvijCsGTzJgURwz4iWYNAOWCvpm0bqEhky
nUOc5StICcZzJaH3FMVJ/mmZuuq+9TqXh7Q6sLT/heMS3hQY+KMbzHYAf+/LvKfI
zzSJV/sir8wSNYBXq3w9ykR/0ei94sklz9m+MHdGLKP7y6bpUp+RWnj/GqF0wOpj
aoBEnlHyX+qOXBBuImjgMeZPS1Ws3jA4g7i3DtQOrjQGcRRnl9Urf4atRQwf/Sir
w9yaRwxlVHbywgf2pEYEowMJVPl3fAz3AXHhrdfwyf+7+/nTn+yyzhQ2ebC2LA8e
m4Svy9HN4ueBDNto1R7ecBzZ1V55nHTWPy0xNSZFYGolENZB4Ow=
=JrDn
-----END PGP SIGNATURE-----
Reply to: